1
22
23 package com.liferay.portal.service.impl;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.util.GetterUtil;
28 import com.liferay.portal.model.Group;
29 import com.liferay.portal.model.Layout;
30 import com.liferay.portal.model.PortletConstants;
31 import com.liferay.portal.model.Resource;
32 import com.liferay.portal.model.Role;
33 import com.liferay.portal.model.User;
34 import com.liferay.portal.security.auth.PrincipalException;
35 import com.liferay.portal.security.permission.ActionKeys;
36 import com.liferay.portal.security.permission.PermissionChecker;
37 import com.liferay.portal.security.permission.PermissionCheckerBag;
38 import com.liferay.portal.service.base.PermissionServiceBaseImpl;
39 import com.liferay.portal.service.permission.GroupPermissionUtil;
40 import com.liferay.portal.service.permission.PortletPermissionUtil;
41 import com.liferay.portal.service.permission.UserPermissionUtil;
42
43 import java.util.List;
44
45
50 public class PermissionServiceImpl extends PermissionServiceBaseImpl {
51
52 public void checkPermission(long groupId, long resourceId)
53 throws PortalException, SystemException {
54
55 checkPermission(getPermissionChecker(), groupId, resourceId);
56 }
57
58 public void checkPermission(long groupId, String name, long primKey)
59 throws PortalException, SystemException {
60
61 checkPermission(getPermissionChecker(), groupId, name, primKey);
62 }
63
64 public void checkPermission(long groupId, String name, String primKey)
65 throws PortalException, SystemException {
66
67 checkPermission(getPermissionChecker(), groupId, name, primKey);
68 }
69
70 public boolean hasGroupPermission(
71 long groupId, String actionId, long resourceId)
72 throws SystemException {
73
74 return permissionLocalService.hasGroupPermission(
75 groupId, actionId, resourceId);
76 }
77
78 public boolean hasUserPermission(
79 long userId, String actionId, long resourceId)
80 throws SystemException {
81
82 return permissionLocalService.hasUserPermission(
83 userId, actionId, resourceId);
84 }
85
86 public boolean hasUserPermissions(
87 long userId, long groupId, List<Resource> resources,
88 String actionId, PermissionCheckerBag permissionCheckerBag)
89 throws PortalException, SystemException {
90
91 return permissionLocalService.hasUserPermissions(
92 userId, groupId, resources, actionId, permissionCheckerBag);
93 }
94
95 public void setGroupPermissions(
96 long groupId, String[] actionIds, long resourceId)
97 throws PortalException, SystemException {
98
99 checkPermission(getPermissionChecker(), groupId, resourceId);
100
101 permissionLocalService.setGroupPermissions(
102 groupId, actionIds, resourceId);
103 }
104
105 public void setGroupPermissions(
106 String className, String classPK, long groupId,
107 String[] actionIds, long resourceId)
108 throws PortalException, SystemException {
109
110 checkPermission(getPermissionChecker(), groupId, resourceId);
111
112 permissionLocalService.setGroupPermissions(
113 className, classPK, groupId, actionIds, resourceId);
114 }
115
116 public void setOrgGroupPermissions(
117 long organizationId, long groupId, String[] actionIds,
118 long resourceId)
119 throws PortalException, SystemException {
120
121 checkPermission(getPermissionChecker(), groupId, resourceId);
122
123 permissionLocalService.setOrgGroupPermissions(
124 organizationId, groupId, actionIds, resourceId);
125 }
126
127 public void setRolePermission(
128 long roleId, long groupId, String name, int scope, String primKey,
129 String actionId)
130 throws PortalException, SystemException {
131
132 checkPermission(
133 getPermissionChecker(), groupId, Role.class.getName(), roleId);
134
135 permissionLocalService.setRolePermission(
136 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
137 }
138
139 public void setRolePermissions(
140 long roleId, long groupId, String[] actionIds, long resourceId)
141 throws PortalException, SystemException {
142
143 checkPermission(getPermissionChecker(), groupId, resourceId);
144
145 permissionLocalService.setRolePermissions(
146 roleId, actionIds, resourceId);
147 }
148
149 public void setUserPermissions(
150 long userId, long groupId, String[] actionIds, long resourceId)
151 throws PortalException, SystemException {
152
153 checkPermission(getPermissionChecker(), groupId, resourceId);
154
155 permissionLocalService.setUserPermissions(
156 userId, actionIds, resourceId);
157 }
158
159 public void unsetRolePermission(
160 long roleId, long groupId, long permissionId)
161 throws SystemException, PortalException {
162
163 checkPermission(
164 getPermissionChecker(), groupId, Role.class.getName(), roleId);
165
166 permissionLocalService.unsetRolePermission(roleId, permissionId);
167 }
168
169 public void unsetRolePermission(
170 long roleId, long groupId, String name, int scope, String primKey,
171 String actionId)
172 throws PortalException, SystemException {
173
174 checkPermission(
175 getPermissionChecker(), groupId, Role.class.getName(), roleId);
176
177 permissionLocalService.unsetRolePermission(
178 roleId, getUser().getCompanyId(), name, scope, primKey, actionId);
179 }
180
181 public void unsetRolePermissions(
182 long roleId, long groupId, String name, int scope, String actionId)
183 throws PortalException, SystemException {
184
185 checkPermission(
186 getPermissionChecker(), groupId, Role.class.getName(), roleId);
187
188 permissionLocalService.unsetRolePermissions(
189 roleId, getUser().getCompanyId(), name, scope, actionId);
190 }
191
192 public void unsetUserPermissions(
193 long userId, long groupId, String[] actionIds, long resourceId)
194 throws PortalException, SystemException {
195
196 checkPermission(getPermissionChecker(), groupId, resourceId);
197
198 permissionLocalService.unsetUserPermissions(
199 userId, actionIds, resourceId);
200 }
201
202 protected void checkPermission(
203 PermissionChecker permissionChecker, long groupId,
204 long resourceId)
205 throws PortalException, SystemException {
206
207 Resource resource = resourcePersistence.findByPrimaryKey(resourceId);
208
209 checkPermission(
210 permissionChecker, groupId, resource.getName(),
211 resource.getPrimKey().toString());
212 }
213
214 protected void checkPermission(
215 PermissionChecker permissionChecker, long groupId, String name,
216 long primKey)
217 throws PortalException, SystemException {
218
219 checkPermission(
220 permissionChecker, groupId, name, String.valueOf(primKey));
221 }
222
223 protected void checkPermission(
224 PermissionChecker permissionChecker, long groupId, String name,
225 String primKey)
226 throws PortalException, SystemException {
227
228 if (name.equals(Group.class.getName())) {
229 GroupPermissionUtil.check(
230 permissionChecker, GetterUtil.getLong(primKey),
231 ActionKeys.PERMISSIONS);
232 }
233 else if (name.equals(Layout.class.getName())) {
234 long plid = GetterUtil.getLong(primKey);
235
236 Layout layout = layoutPersistence.findByPrimaryKey(plid);
237
238 GroupPermissionUtil.check(
239 permissionChecker, layout.getGroupId(),
240 ActionKeys.MANAGE_LAYOUTS);
241 }
242 else if (name.equals(User.class.getName())) {
243 long userId = GetterUtil.getLong(primKey);
244
245 User user = userPersistence.findByPrimaryKey(userId);
246
247 UserPermissionUtil.check(
248 permissionChecker, userId, user.getOrganizationIds(),
249 ActionKeys.PERMISSIONS);
250 }
251 else if ((primKey != null) &&
252 (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {
253
254 int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
255
256 long plid = GetterUtil.getLong(primKey.substring(0, pos));
257
258 String portletId = primKey.substring(
259 pos + PortletConstants.LAYOUT_SEPARATOR.length(),
260 primKey.length());
261
262 if (!PortletPermissionUtil.contains(
263 permissionChecker, plid, portletId,
264 ActionKeys.CONFIGURATION)) {
265
266 throw new PrincipalException();
267 }
268 }
269 else if (!permissionChecker.hasPermission(
270 groupId, name, primKey, ActionKeys.PERMISSIONS) &&
271 !permissionChecker.hasPermission(
272 groupId, name, primKey, ActionKeys.DEFINE_PERMISSIONS)) {
273
274 throw new PrincipalException();
275 }
276 }
277
278 }